CVE-2021-2017

Vulnerability in the Oracle User Management product of Oracle E-Business Suite component: Proxy User Delegation. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Us...

CVE-2021-35554

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite component: Quotes. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Trade...

CVE-2020-14847

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Query. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2020-14533

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce component: Dynamo Application Framework. Supported versions that are affected are 11.1, 11.2 and prior to 11.3.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

CVE-2020-14896

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications component: Core. Supported versions that are affected are 14.1.0-14.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payment...

CVE-2020-2866

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments / File Upload. Supported versions that are affected are 12.2.5-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2020-2559

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: UIF Open UI. Supported versions that are affected are 19.7 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attack...

CVE-2020-14890

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications component: Pre Login. Supported versions that are affected are 12.0.1, 12.0.2 and 12.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

CVE-2020-14823

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Preferences. Supported versions that are affected are 12.2.3 - 12.2.10. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle CRM Technic...

CVE-2020-14802

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2020-14548

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Web General. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVE-2020-7904

In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS...

CVE-2018-2883

Vulnerability in the Oracle Retail Xstore Office component of Oracle Retail Applications subcomponent: Internal Operations. Supported versions that are affected are 7.0 and 7.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retai...

CVE-2019-16552

A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a given path on the Jenkins maste...

CVE-2019-2783

Vulnerability in the Oracle Payments component of Oracle E-Business Suite subcomponent: File Transmission. Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...

CVE-2019-2846

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows...

CVE-2019-2756

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2019-3024

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite component: Engineering Change Order. Supported versions that are affected are 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed...

CVE-2019-3015

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Integration Broker. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterpri...

CVE-2019-2900

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Actions. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP ...